MPAA: Forget National Security, This Is About Internet Security!
from the it's-the-worst-thing-of-all...oh-wait,-it's-just-a-botnet dept
Just the other day, famed troll-magnet Marcus Carab and I were discussing my fear of diving too deeply into HTML code. What am I afraid of, you ask? Well, because I'm an idiot, part of me believes that there is some kind of HTML super code out there that, if inputted into a simple blog post, would literally undo the internet. Techdirt itself would simply fade away into dissolved binary. It'd be a great disturbance, as though millions of lolcats meowed out in terror and were suddenly silenced. Exposed Sony customer information would just melt into oblivion, leaving literally trillions of angry hackers with idle hands and too much Cheetohs residue on their fingers.
This, of course, is stupid. But it's this kind of uninformed fear that folks like the MPAA play upon when they insist that so-called "rogue websites" are a major threat to everyone connected to the interwebz. It's a scaled up political play, stemming from their appeals to nationalism. Take a gander at what the MPAA’s Senior Vice President and Chief Technology Policy Officer Paul Brigner wrote on their website's (snicker) blog:
"Internet users who go looking for stolen movies online may end up getting more than they bargained for – a practically 'indestructible' form of malicious software designed to give cyber criminals remote control over users’ computers."
Wow. Indestructible malware. That's pretty effing scary, right? You'd have to expect that this would be some kind of new holy terror brought down upon us by the likes of zombie bin Laden.
Well, from the Kaspersky post Brigner based his words on, not really. It's a new evolution in a traditional botnet, one which requires less centralization and an affiliate installation payment program. Hell, the writer in the post follows up with folks in the comments section with free software that can be used to detect and fight off the malware. And keep in mind, of course, that these dire warnings are coming from a company that sells antivirus to protect against these threats. But this is the launching pad for Brigner's conclusion:
"All the more reason to keep rogue sites from reaching U.S. consumers. Stealing movies isn’t worth the risk to American jobs – or the risk to Internet security."
Somehow I'm not shaking in my boots yet. Oh, and nice phraseology there. Rogue sites reaching U.S. consumers? I was unaware that these rogue sites we've been discussing the past few months were accessing users rather than the other way around. It's a symptom of the problem that Brigner doesn't realize his customers are seeking out the sites when they should be seeking out his member filmmakers.
Filed Under: movies, rogue sites, security
Companies: mpaa
Reader Comments
some truth
I'd say this part of the quote is true, except for the "stolen" part, because I am pretty sure the original movie is intact after copying. But the main point is that they'll really get more, because online movies don't have ads, don't have DRM, don't have artificial release windows, so they are definitely superior to the average retail shop dvd quality.
[ link to this | view in chronology ]
Alt OSes
[ link to this | view in chronology ]
Re: Alt OSes
[ link to this | view in chronology ]
Hackers Can Turn Your Home Computer Into A Bomb
The article must be read in its entirety, though the headline says it all. Hackers Can Turn Your Home Computer Into A Bomb
so always remember this Fundamental Universal Datum (I like to call it FUD) noobs b3warz uz l33ts vill bombsz yur intertubez 2 st33lz yur muuzix
PS: Thankfully Tim you only wanted to know about the old wordstar RTF language that we now call HTML, you might have asked Marcus about such things like how to dump the core in *nix.. now that's scary ;)
[ link to this | view in chronology ]
Oooh, scary. Does it run on Linux?
[ link to this | view in chronology ]
Re:
The MPAA even includes a nifty read.me file showing you how to "su make install"
;)
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
If he's that concerned, perhaps he should stop distributing it.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
It's a known fact the MPAA hires people to do just this type of shit.
Just like they built and ran an "illegal" site for the sole purpose of tracking people who "download" illegally.
[ link to this | view in chronology ]
Re: Re: Re:
No, I think "owning" and running an effective botnet is more profitable than anything the MPAA would be willing to pay.
[ link to this | view in chronology ]
Re: Re: Re: Re:
http://www.intuitive.com/blog/our_viruswriting_friends_at_the_mpaa.html
Like this vaporware virus?
or the one that explodes pirates' HDDs (wish I could find a link)
If they were able to buy an effective virus they wouldn't have been begging AV companies to look for "illegal files"
http://www.eff.org/deeplinks/2010/04/entertainment-industrys-dystopia-future
These are the people that said they were too tech clueless to adapt and too tech stupid to trust themselves to hire someone who knew what he was talking about. I mean really do you think a talented blackhat would work for these fucks? And if he did would he write them a novel and powerful virus or repackage some shit that had its 0day 10 years ago?
I think you are giving the MPAA too much credit if you think they are smart enough to know a good virus when they see one, and not giving blackhats enough credit to rip off idiots when they see one.
[ link to this | view in chronology ]
The problem really isn't malware...
So if the MPAA is truly concerned about IT security on a planetary level, it should be lobbying to have Windows banned. I've long since banned it from my operation, which is one reason why I have a far better chance of avoiding a breach than many others: I've stacked the deck in my favor.
(Now...there are some people who will tell you that Windows systems can be secured. They are lying, of course: not even Microsoft has managed that feat, and they have enormous financial and personnel resources, not to mention the source code. Fresh evidence arrives daily from their operations demonstrating active compromises, and is available to anyone of sufficient intelligence and experience who runs a network, a mail server, or a web server --- and is actually paying attention.)
Everyone else knows that there are now something above 200 million compromised Windows systems on the Internet, and more every day. This is a serious and ongoing problem, so it would be great if the MPAA would throw its weight (ponderous and clueless though it might be) behind efforts to deal with this situation.
[ link to this | view in chronology ]
Re: The problem really isn't malware...
Truth time: Malware is coming out for OSX now that morons are using it as their primary OS. No one writes malware for Linux because the main way it gets in is through retarded users, and everyone knows that there are no Linux users.
The OS is just a tool, like you. Using one that no one cares about does not make you better than other people. It just means you have a tiny penis and need to feel superior in some way.
Tiny penis.
[ link to this | view in chronology ]
Re: Re: The problem really isn't malware...
Question: In my home I have one computer running OpenSUSE, one running Vista, and one running Windows 7. In addition, I have a phone that runs Android, an iPad running iOS, and a Playstation running Sony's patented DON'TFUCKINGTOUCHANYTHINGORWE'LLKILLYOU operating system.
The tape measure is at least several feet away and I'm lazy. Exactly how long/wide/impressive is my man-sausage?
[ link to this | view in chronology ]
Re: Re: Re: The problem really isn't malware...
I guess I know what that playstation+ membership actually gets me.
[ link to this | view in chronology ]
Re: Re: Re: The problem really isn't malware...
There is probably an App for that.
[ link to this | view in chronology ]
Re: Re: Re: Re: The problem really isn't malware...
You are right there is such an app WTF!
But I think I will try the idiot meter to see how I will fare.
http://www.appbrain.com/search?q=are+you+and+idiot
[ link to this | view in chronology ]
Re: Re: Re: The problem really isn't malware...
My desktop multiboots windows7, debian stable, debian sid, and slackware-multilib.
My laptop: windows7, debian sid (with a custom kernel), peppermint ice, slackware-multilib (using fluxbox wm), centos, sabayon6, and backtrack5.
I have a DMZ server that runs a debian minimal install (~200mB total), and two other machines that get different OSes all the time (I like to tinker, but don't really like breaking my main machines if I can help it).
I can hardly walk! So there. :P
[ link to this | view in chronology ]
Re: Re: The problem really isn't malware...
[ link to this | view in chronology ]
Re: Re: The problem really isn't malware...
However, the existence of malware alone is not adequate to evaluate the threat model. One must consider how it's delivered, what it impacts, how observable it is, what actions it takes, how it may be detected, how it may be removed and so on. It's quite easy for a cursory analysis such as yours to point out that X or Y exists; but that's of course misleading and superficial.
And incidentally, if you cannot grasp the fundamental differences in security model and security implementation between (let's say) Windows 7 and FreeBSD, then you are badly in need of remedial education.
[ link to this | view in chronology ]
Re: Re: The problem really isn't malware...
I thought if you had a tiny penis you used something that girls cared about (or something your tiny penis tells you girls care about). Or are hummers and lambos cars that no one cares about?
[ link to this | view in chronology ]
Re: Re: The problem really isn't malware...
"Tiny penis"
[ link to this | view in chronology ]
Re: The problem really isn't malware...
If everyone switched to linux tomorrow we would see a lot of new and powerful linux malwares in about 6 months. They simply target the idiots and most idiots(and most people) have windows.
[ link to this | view in chronology ]
Re: Re: The problem really isn't malware...
In the case of the historical record: what many mere newbies fail to grasp, because they weren't there and because they don't read, is that there was a time when Windows systems were NOT predominant on the Internet. Nor were there firewalls or IDS or IPS or vulnerability scanners or many of the other components of the contemporary security environment. Yet we did not see the kind of systemic, chronic issues we see today.
In the case of the contemporary environment, if it were true that popularity equated in even some rough fashion to target selection, then we would expect to see issues in proportion to system population. That is, if OS's A B and C constituted 70, 20 and 10 percent of the overall system population, we would expect to see the compromised system population reflect similar numbers. But we do not: anyone who is sufficiently experienced in this matter knows -- via passive OS fingerprinting and other techniques -- that Windows predominates. Research here over the past decade indicates that Windows accounts for all but a handful out of every million such observed systems -- a percentage far in excess of the actual Windows population.
Windows isn't targeted because it's popular. It's targeted because it's weak.
[ link to this | view in chronology ]
Re: Re: Re: The problem really isn't malware...
I partially agree and also restate my argument. Windows is targeted because that is where the weak user is.
While linux does not have a proportional percent of virus infections to its user base, its user base is also smarter (maybe tech savvy is a better word) than windows users. I could code a sweet linux virus but I doubt any linux user is stupid enough to download a free codec pack, a dancing kitty screensaver or a facebook template designer.
I am not trying to defend windows and say that make a secure OS, I am just saying that's the lake with the fish in it so that is where people cast their line. It has more exploits because more people spend time trying to exploit it. iOS was 100% secure until the recent past. Was that because apple made a perfect OS? No, it was because iOS is a pain to code for and it wasn't worth the time for the potential reward, the user base was small and it was primarily used by advanced users or professionals. Now we see Macs becoming more popular for the average user and we see Mac viruses in the wild.
"if OS's A B and C constituted 70, 20 and 10 percent of the overall system population, we would expect to see the compromised system population reflect similar numbers."
There is false logic in this statement. If I was making malware why would I ever bother to make it for OS C? Why take the time to write code that targets such a small user base when I could write code for OS A and increase my potential victims by 600%? So I would never expect infections to be proportional to usage.
[ link to this | view in chronology ]
Re: Re: Re: Re: The problem really isn't malware...
What OS dominates servers?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: The problem really isn't malware...
I would think most server attacks are active hacks, meaning someone sitting there and running scripts or commands to gain entry. As opposed to the passive attacks you see on the internet, put virus on page, wait, profit. Of course you could actively hack an end user and I imagine there are scripts that could automatically gain root over a very poorly protected server.
As far as "where the is the money" it depends on what you are after. A server can give you large amounts of user data which you could potentially use to get money out of them (or sell the large amount of data outright) but with end users you can use scams to trick them into paying you money (and then possibly continue to use the credit card info they gave you), sell time on your botnet, or use keyloggers to gain access to their accounts. I imagine both routes could be equally profitable and would also imagine something like infecting users with a rogue anti-virus would be easier to pull off than gaining root on a server. But I really don't know where the money is because I never tried to make money by ripping people off.
Disclaimer: my tech knowledge goes little beyond consumer level. I did consumer grade repairs as my primary source of income for years and still dabble in it a little. If we talk about consumer level servers (home game servers or ftp servers) I know a bit but I know very little about commercial servers beyond what I have researched out of curiosity.
[ link to this | view in chronology ]
I know! How simple to understand! One that casual pirates will have no problem doing and will allow them to continue to ignore legal avenues of doing business.
The instructions are very, very simple. Just type the following every time you wish to rip off something:
Exodus84/ren-code id# 67308753
Then: beef&reemus^ogre/niner_ gobble earthhab
1967trippy goophang
laird me on the bus.
And you're set.
Couldn't be easier.
[ link to this | view in chronology ]
Microsoft famously recommended "nuke from orbit",
"Rogue sites reaching U.S. consumers? I was unaware that these rogue sites we've been discussing the past few months were accessing users rather than the other way around."
Surprise for you: "teh internets" is two way communication. And if you ever looked at the logs on your router (assuming you have one), you'd likely see numerous attempts to access your computer (mostly hoping for Windows flaws to exploit). Not just a slip when you're picking at someone else's "phraseology" as if he's stupid.
"It's a symptom of the problem that Brigner doesn't realize his customers are seeking out the sites when they should be seeking out his member filmmakers."
You point out that "pirates" don't want to pay for content. By definition they're not "his customers". You've just admitted that they're losing money to piracy.
But I'm most intrigued by "should be seeking out his member filmmakers". Do you have some interest in content companies revenues and wish them to get more? Do you mean instead of "pirating"? With some variant of Mike's "free" notions? Because until the pricing levels change, the piracy isn't likely to reduce.
[ link to this | view in chronology ]
Re: Microsoft famously recommended "nuke from orbit",
Dammit, I hate typos, so thanks for pointing it out. I'll edit that once I get in front of a non-mobile computer....
"Surprise for you: "teh internets" is two way communication. And if you ever looked at the logs on your router (assuming you have one), you'd likely see numerous attempts to access your computer (mostly hoping for Windows flaws to exploit). Not just a slip when you're picking at someone else's "phraseology" as if he's stupid."
Two things. First, it seems clear to me that the point of that statement was to make it look like "rogue sites" were seeking out users, coopting naive people into their evil, when that's clearly not the case. I'm fairly certain, but leave open the possibility that I could be wrong, that he wasn't talking about technical communication patterns while accessing the internet.
Secondly, I don't think Brigner is stupid at all. I think he's a snake.
"You point out that "pirates" don't want to pay for content. By definition they're not "his customers"."
No, you miss the point, but perhaps my own phraseology could have been better. Customers, or potential customers if you prefer, are those that want what you're selling. Downloaders, evil filthy pirates though they may be, want what you got. Brigner is focusing so hard on keeping them from going to the rogue sites that he's forgotten to offer these potential customers what they're looking for. The customer is always right, after all....
"But I'm most intrigued by "should be seeking out his member filmmakers". Do you have some interest in content companies revenues and wish them to get more?"
Well, not any studio in particular, but YES!!! I absolutely LOVE movies. In fact, I get lost in most of the music discussions 'round these here parts because I don't really listen to all that much music. But movies? You're damn right I want movie studios to do every bit as well as is required to put out the next piece of entertainment for me to enjoy. I'd just prefer they not be disingenuous while doing so....
"Do you mean instead of "pirating"? With some variant of Mike's "free" notions? Because until the pricing levels change, the piracy isn't likely to reduce."
I know everyone likes to point to Mike for this stuff, and he's certainly been a voice for these alternative business models, but they aren't his. They aren't mine. Price differences coupled with smart selling of scarce goods, cultivating good will, and putting out a great product are all that's necessary here....
[ link to this | view in chronology ]
This new bot just has a few twists but nothing in it is really new. Not the communication by p2p methods, not the infection in MBR. Now MBR infections are usually tough because users don't really realize that when they format and do an install, the MBR doesn't get erased nor formatted. So after a refresh reinstall it's still there.
There are several ways to get rid of the MBR infection, provided you know what you are dealing with. About the most severe method to do it (call it a nuke cleaning) is to low level format. Low level is a bit different than a standard format. It takes it back to factory erase where whatever the size of the drive is, is what it is. It's unusable that way until it's been formatted but hey, it's clean. If you're running Vista or Win7 with DRM protected HD then you will have to access another computer to wipe the drive or boot off of disc to wipe it.
Another way is the rescue disc. Only you have to make one before you have an infection, not afterwards. MBR worms are well known to jump from HD to burned disc.
For the average Joe that is not aware of MBR infection, the malware will seem indestructible as it will survive the standard format.
[ link to this | view in chronology ]
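Added example (not part of the original post or comments): a Python check that parses sector 0 of a disk, hashes the 446-byte boot code area and compares it with a known-good baseline, run on a constructed in-memory disk to show that a format confined to the partition leaves altered MBR code in place. The disk layout, `KNOWN_GOOD_CODE`, the four-byte alteration and the simplified `format_partition` model are all assumptions made for illustration.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 446      # bootstrap code area of a classic MBR
PART_TABLE_OFF = 446     # four 16-byte partition entries follow the code
BOOT_SIG = b"\x55\xaa"   # signature in the last two bytes of sector 0


def parse_mbr(sector: bytes) -> dict:
    """Validate sector 0 and return its boot-code hash and partition list."""
    sector = bytes(sector)
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != BOOT_SIG:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        ptype = sector[off + 4]
        lba_start, count = struct.unpack_from("<II", sector, off + 8)
        if ptype:  # type 0 marks an unused slot
            partitions.append({"type": ptype, "bootable": sector[off] == 0x80,
                               "lba_start": lba_start, "sectors": count})
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": partitions}


def build_disk(boot_code: bytes, part_start: int = 8,
               part_sectors: int = 16) -> bytearray:
    """Constructed in-memory disk: MBR in sector 0 plus one partition."""
    if len(boot_code) > BOOT_CODE_LEN:
        raise ValueError("boot code too long")
    disk = bytearray((part_start + part_sectors) * SECTOR)
    disk[:len(boot_code)] = boot_code
    disk[446:462] = struct.pack("<B3sB3sII", 0x80, b"\0\0\0", 0x07,
                                b"\0\0\0", part_start, part_sectors)
    disk[510:512] = BOOT_SIG
    start = part_start * SECTOR
    disk[start:start + 8] = b"OLD-DATA"   # stand-in for existing user data
    return disk


def format_partition(disk: bytearray, part: dict) -> None:
    """Simplified model of a format: rewrite only sectors inside the partition."""
    start = part["lba_start"] * SECTOR
    length = part["sectors"] * SECTOR
    disk[start:start + length] = bytes(length)


def mbr_verdict(disk: bytearray, baseline_sha256: str) -> str:
    """Compare the current boot-code hash with a baseline taken while clean."""
    current = parse_mbr(disk[:SECTOR])["boot_code_sha256"]
    return "match" if current == baseline_sha256 else "MODIFIED"


# Constructed placeholder bytes standing in for a vendor's boot code.
KNOWN_GOOD_CODE = bytes((i * 7) % 256 for i in range(BOOT_CODE_LEN))


def demo() -> dict:
    clean = build_disk(KNOWN_GOOD_CODE)
    baseline = parse_mbr(clean[:SECTOR])["boot_code_sha256"]

    altered = build_disk(KNOWN_GOOD_CODE)
    altered[0x20:0x24] = b"\xde\xad\xbe\xef"   # constructed change to boot code
    before = mbr_verdict(altered, baseline)
    part = parse_mbr(altered[:SECTOR])["partitions"][0]
    format_partition(altered, part)
    after = mbr_verdict(altered, baseline)
    data_wiped = altered[part["lba_start"] * SECTOR:][:8] == bytes(8)

    format_partition(clean, parse_mbr(clean[:SECTOR])["partitions"][0])
    return {"altered_before_format": before, "altered_after_format": after,
            "partition_data_wiped": data_wiped,
            "clean_after_format": mbr_verdict(clean, baseline)}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

On a real machine the input to `parse_mbr` would be the first 512 bytes of the disk, read from trusted boot media so that the running system cannot hide the sector's true contents.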
Re:
[ link to this | view in chronology ]
Re: Re:
Hopefully MS brings back "fdisk /mbr" in windows 8, it was so easy to clear these things out back in xp and prior.
I thought the reason they were calling these "indestructible" was because most AVs don't check the MBR unless you are doing pre-boot scans, and what average user does those? I have to remember to check out that Kaspersky blog and see what they recommend; those crazy Russians know their shit, probably because in Soviet Russia computer boots you.
[ link to this | view in chronology ]
I just thought about this
You mean the Sony rootkit? Sorry, not indestructible. But everything else is spot-on.
[ link to this | view in chronology ]
ehh
They must be talking about Sony, as they installed rootkits into people's machines that allowed malware to be hidden from the OS
Also, think of all the lost money caused by Sony because people have to pay higher prices than they should for music/etc. It's like artificial inflation and contributes to unemployment. Or all the money sated on lawyers in our system because of these unconstitutional laws they keep getting lobbying for which are also causing extra burden on our legal system which is wasting more money and contributing to more unemployment.
Sony is a rogue site and should be taken down.
[ link to this | view in chronology ]
I use Linux (TM)
[ link to this | view in chronology ]
Name the Congress Critter who proposed the detonation of pirate computers.
Bonus Points: Explain how it was supposed to work.
[ link to this | view in chronology ]
It's True...
It's true! One moment you're downloading Transformers 18: Megatron's Next Resurrection, the next you're watching Two Girls, One Cup.
Saves the interwebs before the world screams in horror!
[ link to this | view in chronology ]
There are viruses out there that are incredibly difficult to get rid of. The popularity of torrents and file lockers makes them perfect targets for widespread distribution of viruses.
The MPAA isn't wrong on this one. They may be a little self-serving about it, but they aren't wrong.
[ link to this | view in chronology ]
Re:
Whose job is lost because a teenybopper screwed his computer looking for porn and has to reinstall? If you are talking about actual work environments that could potentially disrupt business as the mpaa claims, fake bittorrents are not worth even bringing up.
[ link to this | view in chronology ]
Re: Re:
You also have to remember that people use laptops for work, and often take them home and use them as personal computers at night. They download a "movie" that is a trojan at night, and that infection is brought into the work environment the next day.
[ link to this | view in chronology ]
Re: Re: Re:
Sounds like your office could've benefited from a more mature workforce coupled w/a web filter set on "low"....
"You also have to remember that people use laptops for work, and often take them home and use them as personal computers at night. They download a "movie" that is a trojan at night, and that infection is brought into the work environment the next day."
And that was THAT big a problem? No proactive monitoring on mobile workstations? Thank God for situations like this; they keep us managed services folks in business....
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re:
If people can't stream/download movies anymore the malware websites will just find a new cover. This legislation does nothing to prevent malware. Karl explains it wonderfully below.
And one example of them using something not movie/piracy related: http://technolog.msnbc.msn.com/_news/2011/05/02/6570503-bin-laden-death-brings-malware-explosion
[ link to this | view in chronology ]
Death to the MPAA
[ link to this | view in chronology ]
Big MPAA
What a wonderfully benign euphemism for "government censorship".
The government needs to keep these sites from us for our own good. Sounds like something right out of Orwell.
[ link to this | view in chronology ]
Complete FUD
One of the major points in his blog is that the botnet is spread through "affiliates." Such situations are not new, but are novel for this particular type of malware.
However, Brigner then says that these "affiliates" are "rogue websites." In other words, he's strongly implying that the affiliates of botnets and other malware are also websites that are "dedicated to infringing content."
Except this is absolutely false. The "affiliates" do not, themselves, distribute any content whatsoever. Usually, they try to trick users into believing they're getting content (or legitimate software, or "antivirus programs"), but the users get the malware instead. In other words, the botnet affiliates have the same relationship to "rogue websites," as phishing emailers do to Bank of America.
As an illustration: among all the sites ICE seized for copyright infringement, not one was even accused of spreading malware. And why would they? Sites that are "dedicated to infringing content" are almost exclusively community-driven.
This is where his argument falls apart. The PROTECT-IP act considers "rogue websites" to be websites that are "dedicated to infringing content." If the act passes, not a single malware affiliate will be affected by it.
They will not be any more unlawful than they are now; law enforcement will have no more resources to fight them than they do now. In fact, law enforcement will have fewer resources, because the money that could be used to fight malware affiliates would be diverted into fighting "rogue websites" instead.
Nor will it particularly harm the botnet affiliates if every single "rogue website" shut down. By the time that happened (assuming it even could), the botnet affiliates would have long ago moved on to whatever other types of websites are popular at the moment.
If you want to know what FUD actually means, this blog post is a textbook example.
[ link to this | view in chronology ]
You can break the internet if you search for "google" at google.com
[ link to this | view in chronology ]
They are the ones who put it there, imo.
Just saying.
[ link to this | view in chronology ]
http://mashable.com/2010/10/01/warning-facebook-like-worm-spreading-through-javascript-exploit/ (Facebook worm)
http://namb.la/popular/tech.html (MySpace worm)
http://arstechnica.com/business/news/2008/01/javascript-worm-still-spreading-infection-origin-unknown.ars
Someone should hack the MPAA websites and put some nasties in there, so to make them be reclassified as a "rogue website".
[ link to this | view in chronology ]
Oh yeah, Chrome added that as a proprietary feature: <x-webkit-destroy-internet>
[ link to this | view in chronology ]